CRIF takes major steps towards cyber insurance goals

The Cyber Risk Insurance Forum (CRIF) has taken major steps towards its goal of developing a website that will help raise cyber insurance awareness and offer cyber risk guidance for companies considering taking out cyber insurance.  CRIF has developed first drafts of the cyber risk matrix, and cyber risk and privacy framework which can be found here

Law firm DAC Beachcroft has also joined the forum to strengthen CRIF’s legal knowledge, ahead of impending national and EU regulatory changes.  CRIF is also urging businesses of all types and sizes to participate in our survey on organisations adoption and thinking around cyber risk and insurance. 

Daljitt Barn, CRIF chairman and associate director at global information assurance firm, NCC Group said: “We’ve made some fantastic progress recently, and now we need businesses to get involved and help shape a cyber insurance framework. If we’re to develop a model that can help companies on the ground we need a community approach.”

As an adolescent class of business, cyber insurance is underwritten from a number of different perspectives, with no uniformity of information requirements, best practices or risk management advice. CRIF is working towards the development of greater synergy between effective risk management and appropriately tailored, cost-efficient insurance cover.

Recent research from the Department for Business, Innovation and Skills (BIS) revealed that 87% of small businesses suffered a data breach in 2012, and it’s the vulnerable SMBs that CRIF is aiming to protect.

Daljitt continued: “The government has shown that SMBs are in more danger than most people realise, which is why we’re targeting smaller businesses in particular. We want to help SMBs protect themselves, through both improved security standards and cyber insurance.”

The government is in the process of putting together a cyber organisational standard for UK organisations, and CRIF is assisting the government by providing a detailed response to the on going consultation.

“Developing Cyber resilience is imperative for business today” says Russell Price, Chairman of the Continuity Forum. He adds, “Few companies are really connecting Cyber Risk into management frameworks that can cope with its complexities and even fewer are properly assessing the wider risk to the business it presents.”

The survey can be accessed here. Here are links to the draft cyber risk matrix and cyber risk guidance framework.  For more information please call us or mail at [email protected]